WHAT IS CLAIMED IS: 



1 LA system for automatically configuring a plurality of different 

2 types of network devices, comprising 

3 a library of generic commands that can be applied to said devices and 

4 converters for converting each of said generic commands into device-specific 

5 commands to be applied to individual network devices; 

6 a database storing configuration parameters for said plurality of 

7 network devices; and 

8 a configuration interface which receives said parameters from said 

9 database and issues generic commands to said library to cause individual ones of 
10 said devices to be configured in accordance with said parameters. 

1 2. The system of claim 1 wherein said interface issues commands to 

2 said library to obtain configuration information from individual devices, and stores 

3 said information in said database. 

1 3 . The system of claim 1 wherein said configuration parameters are 

2 stored in said database as a model containing a list of values to which each 

3 configuration parameter in an individual one of said devices is to be set. 

1 4. The system of claim 3 wherein said model also identifies the 

2 specific sequence in which the setting of the parameter values is to take place. 

1 5. The system of claim 1 wherein said interface communicates with 

2 said database to obtain the identification of firewall devices associated with a 

3 network and generates a first display which lists said devices, and further includes 

4 means responsive to the selection of one of the devices in said list to generate a 

5 second display which lists conduits within said device, wherein each conduit is 
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identified by means of descriptive names stored in said database for local and 
external devices and/or networks that are logically connected by the conduit. 



1 6. The tool of claim 5, further including means responsive to the 

2 selection of one of the devices listed in said first display to generate a third display 

3 which lists internal networks owned by an entity associated with the selected 

4 device, and means to selectively open and close conduits respectively 

5 corresponding to said internal networks. 

1 7. The tool of claim 6 wherein said third display further includes 

2 means for adding a new conduit to one of the internal networks. 

1 8. The system of claim 1 wherein said interface includes: 

2 means for commandmg a console server to send a message to each 

3 console connected to said console server; 

4 means for analyzing a response to said message provided by each 

5 console to determine the type of device which transmitted said response; and 

6 means for displaying a list of device types corresponding to the 

7 consoles connected to said console server. 

1 9. The system of claim 1 further including a memory storing a 

2 template which contains a sequence of commands for configuring each of a 

3 plurality of devices of a given type, wherein each command that refers to a 

4 particular device contauis a variable as the identification of the device; and 

5 wherein: 

6 said database stores a record which indicates the respective network 

7 address of each specific device for which a given device is to be configured, and 

8 said interface is responsive to a command to configure a given device 

9 for retrieving said template and the stored record associated with said given 
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10 device, substituting the network addresses in the retrieved record for the variables 

11 in said template, and issuing commands to configure the given device in 

12 accordance with said retrieved record and said template. 

1 10. The system of claim 9 wherein said network addresses comprise 

2 Internet Protocol (IP) addresses. 

1 11. The system of claim 9 wherein a plurality of templates are stored 

2 in said memory, each corresponding to a different respective type of device. 

1 12. The system of claim 11 wherein said templates are stored in said 

2 database. 

1 13. The system of claim 3 wherein each parameter setting in said 

2 model is used to construct a separate command, and said commands are stored in a 

3 queue to be individually retrieved and forwarded to said library by said interface. 

1 14. The system of claim 1 wherein said converters transmit each of 

2 said commands in accordance with a transmission protocol specific to the 

3 individual devices, respectively. 

1 15. The system of claim 14 wherein one of said transmission 

2 protocols comprises Telnet. 
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